Mac App Store succumbs to DRM exploit

Some software on Apple's new digital storefront, the Mac App Store, has already succumbed to piracy through a nasty,
but simple exploit.

Download an app such as Angry Birds from a third
party site, paste in your App Store receipt and signature from a
legitimately purchased app, and the cracked game will run. Luckily,
only apps that skimp on sufficient DRM validation will suffer. For
now, if developers closely follow Apple's advice on validating App
Store receipts and signatures they'll be safe.

But before the Mac App Store was even released, notorious
black market iPhone group Hackulous announced that it has already cracked the new store's security
through a piece of software called Kickback.

However, in a bizarre and seemingly noble move, the team is
willing to wait a while and delay the program's public release, to
ensure Kickback doesn't "devalue applications and frustrate
developers". Instead, the group wants to wait for the App Store to fill up with "crappy applications"
first.

Hackulous is a well known community on the illicit iPhone scene, best known for circumventing the device's
DRM and offering up bootleg apps to unscrupulous and jailbroken
iPhone owners for free. And the group often declared its intentions
on iPhone as a "try-before-you-buy" service, to stop customers
spending cash on bad apps.

On the team's website, AppTrackr, a manifesto lays out the community's full
purpose.

"The App Store provides no global method of testing
applications before you purchase them. When far-too-many
applications on the App Store are complete and utter shit, consumer money is wasted
on applications that are promptly deleted by the enraged,
ripped-off customer," Hackulous writes. "Apptrackr aims to save
people money, not cost developers."

Those same ideals -- whether they're sincere or simply a
cover for their nefarious deeds -- are being carried over to the
group's Mac crack, says Hackulous member Dissident. "It'll probably
take months for the [Mac] App Store to actually have a bunch of
crappy applications and when we feel that it has a lot of crap in
it, we'll probably release [Kickback]."

Predictably, it didn't take long for poor quality apps to
appear. Website Read the fucking HIG already offers a comprehensive
list of Mac App Store downloads that are a blatant crime
against Apple's human interface guidelines.

Mark Brown is a daily news writer for Wired.co.uk. He
can be found on Twitter at @britishgaming. Follow
Wired at @WiredUK.